Computer Misuse Act 1990

1
Computer Misuse Act 1990

• Computer Crime

2
Objectives
1

• To know why the Computer Misuse act was
  introduced
• Be aware of who is affected by the Computer
  Misuse Act
• Understand what protection the Computer Misuse
  Act offers society
• Describe the areas of ICT the legislation is
  concerned with

3
Why was it introduced?
2

• The Computer Misuse act was created as a result
  of the growing problem of online "misdeeds" (what
  was happening at the time was not defined as
  crime because no laws had been passed to make
  them illegal!)
• As general computer usage grew during the 1970s
  and 80s, so did the incidence of people using
  computers for criminal purposese.g. accessing
  and amending data in bank accounts for personal
  gain.

4
The Computer Misuse Act
3
5
Hacking
4

• Hacking can be defined as intentionally accessing
  a computer system without consent.
• Hackers are people who gain unauthorised entry
  into a computer system
• Hacking is usually done remotely using telephone
  lines

6
5
Modem connected. Welcome to St Louis Grammar
School Please enter password _____________
7
Why do they do it?
6

• Just for fun (script kiddies)
• To vandalize web sites
• Paid work as part of a job to check computer
  security
• For financial gain computer fraud in the U.K.
  exceeds 2.5 billion each year
• To steal data!
• To beat the system

8
Viruses
7

• A virus is a program that has been designed to
  damage the operation of a computer automatically
  or deliberately
• There are many viruses around generally they
  tend to destroy user files, display annoying
  messages or graphics or store themselves a hidden
  files on your hard drive
• Some viruses are set to trigger on certain dates

9
How does a virus spread?
8
Infected computer
Source
Infection spreads
10
How can you deal with computer misuse?
9

• It is better to make sure that you have systems
  in place to prevent damage or theft caused by
  hackers and viruses than have to deal with the
  problems left by them afterwards.
• Most companies have an 'Acceptable Use Policy'
  which they insist all employees read and sign.
  This details how the computer system should be
  used, how passwords should be chosen and changed
  and how it is your responsibility to ensure that
  you do not leave your system unattended and
  vulnerable.
• If something goes wrong and it is clear that a
  member of staff has not followed the guidelines,
  they can be in serious trouble and may face
  disciplinary action themselves.

11
How can you deal with computer misuse?
10

• All companies should ensure that they use a
  firewall to protect themselves against hackers
  trying to gain access from outside the company.
• All companies and individuals should install
  anti-virus software to ensure that they are not
  vulnerable
• All companies should also maintain an audit log.
  This records the actions of everyone within the
  company - what files were accessed by whom and at
  what time, what e-mails were sent and what, if
  any attacks were made to gain access via the
  firewall.

12
Penalties
11

• Unauthorised access to computer material - This
  offence carries the risk of being sentenced to
  six months in prison and/or a hefty fine.
• Unauthorised access with intent to commit or
  facilitate a crime - Anyone caught doing this
  risks up to a five year prison sentence and/or a
  hefty fine.
• Unauthorised modification of computer material -
  This offence carries a penalty of up to five
  years in prison and/or a fine.

13
Summary
12
Planting ofviruses
Deliberate Data Destruction
Computer Misuse Act 1990
Program theft (software piracy)
Fraud
Unauthorised access to a computer system
Data theft
Hacking
14
Tasks
13

• Quick Quiz
• Complete worksheet 1c (Computer Crime chapter on
  Coursework explorer)
• Use the web address supplied on the sheet
• Type up your answers on the sheet
• Print out and keep in your file
• Further reading - Viruses